Post by openhwh » Mon Jul 17, 2017 1:10 pm

Hey folks,

Which OWASP v3 rules are causing false positives? https://www.modsecurity.org/crs/ Whats the paranoia level you use?

Any rules from somewhere else you find useful?

I see modsecurity commercial offering is over 16,000 rules, seems to much as it may slow site a lot. What do you think?

Imo you need to mainly address SQL injections.

Newbie

Posts

Joined
Tue Oct 25, 2016 7:11 pm
Who is online

Users browsing this forum: No registered users and 10 guests